Use Multiple Trusted Factors to Authorize Access

IP addresses, usernames, client program names and other factors can be used as part of Oracle Database Vault security controls to increase security. Since an attacker can't simply use a stolen account to access sensitive data, it can block unauthorized access to sensitive data and generate high value alerts notifying administrators of suspicious data access activity to help stop data theft before it happens.

Separation of Duty

Separation of duty allows organizations to provide a check and balance with their privileged users. The enforced separation of duty implemented by Oracle Database Vault makes it difficult for an attacker to disable security controls, create false users and access sensitive data by leveraging credentials from a single privileged account.